Question

我有一个Apache服务器充当反向代理，其中配置了两个相同的虚拟主机：server1和server2（见下文）。 server2.mydomain.com有一个CNAME DNS记录，指向server1.mydomain.com。当我点击http：// server1 .mydomain.com / some / resource时，后端服务器会看到包含 server2 .mydomain.com的X-Forwarded-Host标头。这是一个错误还是我的配置不正确？

感谢。

-b

这是我的虚拟主机的样子：

非SSL（重写为SSL）

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName server1.mydomain.com
    ServerAlias server1
    ServerSignature off

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName server2.mydomain.com
    ServerAlias server2
    ServerSignature off

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>

SSL

<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    ServerName server1.mydomain.com
    ServerSignature off

    DocumentRoot ...

    <Directory ... />

    Header        edit Location ^http:(.*)$ https:$1
    RequestHeader set X-Forwarded-Proto https

    ProxyVia off
    ProxyRequests Off
    ProxyPreserveHost On

    SSLProxyEngine On
    ProxyPass / https://back-end.mydomin.com/
    ProxyPassReverse / https://back-end.mydomain.com/

    ...
<VirtualHost>
<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    ServerName server2.mydomain.com
    ServerSignature off

    DocumentRoot ...

    <Directory ... />

    Header        edit Location ^http:(.*)$ https:$1
    RequestHeader set X-Forwarded-Proto https

    ProxyVia off
    ProxyRequests Off
    ProxyPreserveHost On

    SSLProxyEngine On
    ProxyPass / https://back-end.mydomin.com/
    ProxyPassReverse / https://back-end.mydomain.com/

    ...
<VirtualHost>

Answer 1

我的坏。我有重叠的SSL虚拟主机（当我启动/停止Apache时没有注意到警告）。解决方案是将 NameVirtualHost *：443 添加到ports.conf

-b

X-Forwarded-Host包含错误的虚拟主机

1 个答案: